[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-ha
Subject: Re: [Linux-HA] Filesystem agent not OK when in a clone group
From: Florent DUTHEIL <florent.dutheil-renexter () renault ! com>
Date: 2008-06-26 14:36:40
Message-ID: 4863A978.8040702 () renault ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
Florent DUTHEIL a écrit :
>
> Lars Marowsky-Bree a écrit :
> > On 2008-06-09T16:25:25, Florent DUTHEIL
> > <florent.dutheil-renexter@renault.com> wrote:
> >
> >
> > > One can see clearly in logs (when it comes to mount the first
> > > "bind/ro" ressource:
> > > Filesystem[2688][2718]: 2008/06/09_16:10:08 INFO: Running start for
> > > /mnt/filer1/drivers on /var/ftp/labtech/labtech_drivers
> > > Filesystem[2688][2719]: 2008/06/09_16:10:08 ERROR: DANGER! on
> > > /mnt/filer1/drivers is NOT cluster-aware!
> > > Filesystem[2688][2720]: 2008/06/09_16:10:08 ERROR: DO NOT RUN IT AS
> > > A CLONE!
> > > Filesystem[2688][2721]: 2008/06/09_16:10:08 ERROR: Politely refusing
> > > to proceed to avoid data corruption.
> > >
> >
> > Well, I think that's fairly explicit. ;-) It tries to guard against
> > errors - such as users accidentially trying to clone an ext3 mount.
> >
> >
> > > Do I havet to "hack" the FS agent code to make him ignore every FS
> > > ressources that have the "bind" option?
> > > I suppose I would have to modify this statement:
> > >
> > > [snip]
> > >
> >
> > Yes, you'll need to detect bind mounts here and permit them.
> >
>
> In my view, cloned "binded" FS ressources (let call it the "B" FS
> ressource) should always be allowed. Because the original FS ressource
> (let call it the "A" FS ressource) that is re-mounted as binded is
> already protected against unauthorized FS resource cloning.
>
> For example, in the case of an ext3 ressource (A), this ext3 FS won't
> be cloned (FS agent protection) so there won't be any HB/cluster
> breakage problem if the cloned "binded" remonted FS ressource (B) is
> allowed.
> Indeed B can always be mounted on a Linux system but simply won't show
> files from A. It's up to the cluster designer to set constraints or
> groups to make B be mounted only if A actually is.
>
> If I'm not wrong, I really think that the FS agent protection against
> cluster unaware FS should be disabled upstream for "binded" FS
> ressources.
>
>
> Please feel free to argue and tell me if I'm wrong :)
Ok, so that works now when modified the agent
/usr/lib/ocf/resource.d/heartbeat/Filesystem (added the "grep" to the
statement, line 796)
case $FSTYPE in
ocfs2) ocfs2_init
;;
nfs) : # this is kind of safe too
;;
*) if [ -n "$OCF_RESKEY_CRM_meta_clone" ] && echo
"$OCF_RESKEY_options" | grep -v -q bind ; then
ocf_log err "DANGER! $FSTYPE on $DEVICE is NOT
cluster-aware!"
ocf_log err "DO NOT RUN IT AS A CLONE!"
ocf_log err "Politely refusing to proceed to avoid data
corruption."
exit $OCF_ERR_GENERIC
fi
;;
esac
I'm still convinced this (or something less "dirty hack looking" :))
should be modified in the upstream agent version.
Regards,
Florent.
-- Disclaimer ------------------------------------
Ce message ainsi que les eventuelles pieces jointes constituent une correspondance \
privee et confidentielle a l'attention exclusive du destinataire designe ci-dessus. \
Si vous n'etes pas le destinataire du present message ou une personne susceptible de \
pouvoir le lui delivrer, il vous est signifie que toute divulgation, distribution ou \
copie de cette transmission est strictement interdite. Si vous avez recu ce message \
par erreur, nous vous remercions d'en informer l'expediteur par telephone ou de lui \
retourner le present message, puis d'effacer immediatement ce message de votre \
systeme.
***
This e-mail and any attachments is a confidential correspondence intended only for \
use of the individual or entity named above. If you are not the intended recipient or \
the agent responsible for delivering the message to the intended recipient, you are \
hereby notified that any disclosure, distribution or copying of this communication is \
strictly prohibited. If you have received this communication in error, please notify \
the sender by phone or by replying this message, and then delete this message from \
your system.
_______________________________________________
Linux-HA mailing list
Linux-HA@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic